Financial Sector Remains Vulnerable to Cyber Attacks

An article in The Economist warns that the U.S. financial system may be extremely vulnerable to disruption and manipulation, and that both the industry and the government entities charged with its regulation may be woefully unprepared to combat the mounting threats.

The article cites a 2010 report from Symantec that estimates as many as three-quarters of targeted phishing operations are aimed at the financial sector, as well as noting that Nasdaq's Bob Greifeld remarked that critical networks are "literally constant attack".

In February of 2011, The Wall Street Journal reported that Nasdaq systems had been breached on multiple occasions. Officials stated that the platform responsible for executing trades was not compromised, though they could not specify exactly which systems were involved in the unauthorized access.

"Many of these assaults are carried out by hackers bent on mischief. Some are the work of organized criminal groups in pursuit of loot. But plenty of people fret that some attackers are aiming to cause more serious damage," The Economist article contends.

Aside from outright malicious attacks against systems and continuous attempts at unauthorized access against protected networks, industry insiders may alos be working to manipulate trades in an effort to capitalize on short-term market conditions through a method called "sponsored access".

The practice led to reports that some small to mid-sized brokers were registering trade volumes that exceeded some of the largest firms on Wall Street, like Goldman Sachs and J.P. Morgan Chase, wherein "established brokers can in effect rent their identities to other traders so that the latter do not have to jump through the usual regulatory hoops."

This allowed an unidentified group of traders to cause a surge in transactions in an anonymous manner which impacted market prices while the same parties sought to profit form the anomalous fluctuations.

In addition to these manipulations, the abuse of high-speed electronic trading systems were likely the cause of serious market stability fluctuations in equities trading.

"Sponsored access is not the only way that a determined assailant could create havoc. The 'flash crash' of May 6, 2010, in which U.S. equities spectacularly nosedived, showed the damage that can be done by high-speed algorithmic trading. It is much easier to drag markets down when they are already reeling, by the use of such things as short-selling, options and swaps, points out James Rickards of Tangent Capital, an expert on financial threats. This is what the military would call a 'force multiplier,' The Economist article states.

Side-channel attacks utilize indirect measures to determine system operations, such as the electromagnetic signals from hardware like keyboards and monitors.

The networks perform transaction measured in microseconds, and hackers could inflect minute latencies that could result in significant aberrations to real-time stock prices, netting millions of dollars in mere seconds.

Kay indicates the problem arises from rapid rate in which the transactions occur, making it difficult for network monitoring software that works on a scale of milliseconds to detect manipulations.

Compounding these problems is the lack of a coordinated regulatory and law enforcement apparatus to combat such manipulations, according to the report.

"Within government, responsibility is fragmented. In America, the Treasury, other financial regulators, the Department of Homeland Security, the Pentagon, the FBI, the National Security Agency and others all have a hand in financial cybersecurity. But the dots are not always connected, even within departments," the article continued.

Leaders in Washington DC have made efforts recently to begin reining in vulnerabilities to the financial system by characterizing such exploits as being akin to terrorism, thus increasing the tools available to law enforcement for combating these types of illicit operations.

"In a move that received surprisingly little attention, President Obama signed an unprecedented executive order in July declaring the infiltration of financial and commercial markets by transnational criminal groups to be a national emergency. It also pointed to 'evidence of growing ties between [these groups] and terrorists.' In a sign that Congress, too, is twitchy, its latest appropriations bill calls for a report into the risks posed by financial terrorism," The Economist article continued.

These efforts are nonetheless modest in comparison to the relentless and coordinated efforts of attackers and those bent on destabilizing the American financial system both for personal gain or to undermine national security.

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.